Internet Assigned Numbers Authority Remote Attestation Procedures (RATS) Created 2024-07-26 Last Updated 2025-05-22 Available Formats [IMG] XML [IMG] HTML [IMG] Plain text Registry Included Below • Entity Attestation Token (EAT) Intended Uses Entity Attestation Token (EAT) Intended Uses Registration Procedure(s) Expert Review Expert(s) Giridhar Mandyam, Jeremy O'Donoghue Reference [RFC9711] Available Formats [IMG] CSV Value Description Reference 0 Reserved [RFC9711] 1 Generic attestation describes an application where the EAT consumer requires the most up-to-date security assessment of the [RFC9711] attesting entity. It is expected that this is the most commonly-used application of EAT. 2 Entities that are registering for a new service may be expected to provide an attestation as part of the registration process. [RFC9711] This "intuse" setting indicates that the attestation is not intended for any use but registration. 3 Entities may be provisioned with different values or settings by an EAT consumer. Examples include key material or device [RFC9711] management trees. The consumer may require an EAT to assess entity security state of the entity prior to provisioning. Certification Authorities (CAs) may require attestation results (which in a background check model might require receiving 4 evidence to be passed to a verifier) to make decisions about the issuance of certificates. An EAT may be used as part of the [RFC9711] certificate signing request (CSR). An EAT consumer may require an attestation as part of an accompanying proof-of-possession (PoP) application. More precisely, a 5 PoP transaction is intended to provide to the recipient cryptographically-verifiable proof that the sender has possession of a [RFC9711] key. This kind of attestation may be necessary to verify the security state of the entity storing the private key used in a PoP application. 6-255 Unassigned Licensing Terms